ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the website visitors than any web server does, so you'll manage to keep track of what's happening with your Internet sites much better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it identifies if anyone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a certain command. In these instances these attempts set off the corresponding rules and the firewall blocks the attempts in real time, and then records detailed info about them in its logs. ModSecurity is among the best software firewalls available and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity is available on all cloud hosting web servers, so if you decide to host your Internet sites with our organization, they will be resistant to a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You'll be able to stop ModSecurity for any site if needed, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You shall be able to view specific logs using your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our customers' Internet sites very seriously, we employ a selection of commercial rules that we get from one of the top firms that maintain this kind of rules. Our administrators also include custom rules to make sure that your sites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program that you set up inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall will not stop anything, but it will still maintain a record of potential attacks. This takes only a click and you shall be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall employs 2 sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to recently discovered threats at the earliest opportunity.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it will be switched on automatically for every new domain or subdomain you include on the machine. In this way, any web application which you install shall be secured immediately without doing anything manually on your end. The firewall may be managed through the section of the Control Panel that bears the same name. This is the place in whichyou can switch off ModSecurity or let its passive mode, so it shall not take any action toward threats, but shall still keep a thorough log. The recorded information is available in the same area as well and you'll be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a mix between commercial ones we obtain from a security firm and custom ones that are added by our administrators to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you won't need to do anything specific on your end to employ it as it's enabled by default each time you add a new domain or subdomain on your hosting server. If it interferes with any of your applications, you'll be able to stop it through the respective area of Hepsia, or you could leave it in passive mode, so it shall identify attacks and shall still maintain a log for them, but will not block them. You could analyze the logs later to find out what you can do to boost the security of your Internet sites since you shall find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, and so on. The rules that we employ are commercial, hence they are constantly updated by a security firm, but to be on the safe side, our staff also include custom rules every now and then in order to deal with any new threats they have found.